Executive Action Against Privacy Breaches

Credit card fraud and identity theft is America’s fastest growing crime, as evidenced by recent hacks into major corporate data banks. The major data breaches at Home Depot, Target and JP Morgan Chase last year alone affected more than 100 million Americans. In August, the New York Times reported that Russian hackers stole over a billion Internet passwords.

The White House responded on October 17th by launching a chip and pin system called “Buy Secure.” The Washington Post quoted the President as saying, “The idea that somebody halfway around the world could run up thousands of dollars in charges in your name just because they stole your number or because you swiped your card at the wrong place and the wrong time, that’s infuriating. For victims, it’s heartbreaking. And as a country, we’ve got to do more to stop it.”

The system replaces magnetic strips on cards with a microchip, and completed transactions will require a combination of the chip and the card’s pin. Identity thieves will find it much more difficult to replicate the chip than to memorize and use stolen pin numbers.

Buy Secure, described in an Executive Order, is divided into three sections. The first focuses on secure government payment plans and calls for executive departments and agencies to transition to payment processing terminals as soon as possible. By January 1, 2015, agencies must give the Office of Management and Budget their plans for enhancing their security features. The second section requires improved procedures for victims of identity theft which facilitates the processes in which victims can reclaim identity. Finally, the plan requires several federal agencies to present the President with a plan to ensure that their own interactions with the public’s data are secure. Although the Executive Order only focuses on federal agencies, Obama hopes to lead by example and encourage the private sector to follow suit.

In the private sector, Target, Home Depot, Wal-Mart and Walgreens have already installed chip-card readers or promised to do so by January 2015. Obama also asked federal law enforcement to work more closely with the private sector to find identity theft rings. Although businesses are already encouraged to accept EMV chip cards by October 2015, or be held responsible for fraudulent charges, Christian Science monitor reports that Buy Secure may motivate businesses to do so before then. The National Retail Federation praised the administration for proactive steps to secure consumer transactions.

Several other nations have already implemented similar programs. In fact, the Order was modeled after a program in Britain. British officials reported a 70% drop in fraud in stores after its implementation. There is no such regulation among the private sector, but there might not need to be with big corporations already following suit. It would behoove others capable of implementing such technology to follow suit.